WIXLIB

Comunidad de CiscoCommunity Live eventUmbrella Roaming Client-Diagnóstico de fallasLuis Silva, Ingeniero de Soporte Técnico, CISSP, CCIE #36825Eduardo Salazar, Sr. Service Delivery ManagerDiciembre 18, 2019

Novedades &Eventos próximos 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Ask Me Anything– Sesión del eventoHasta el Viernes 20 Diciembre, 2019ConLuis Silva & Eduardo Salazarhttp://bit.ly/ama-umbrella-dec19Luis SilvaIngeniero de Soporte TécnicoCCIE #36825 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialEduardo SalazarSr. Service Delivery Manager

Evento Ask Me Anything – ¡El último del año!Configuración, Implementación y Troubleshooting de Redes Wireless AirOSHasta el viernes 20Diciembre 2019ConDaniel Ordoñezhttp://bit.ly/pregunteAirOS 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialInsert event banner

Programa Especial – Community Helping CommunityÚnase a Cisco para ayudar a Doctors Without Borders (Médicos Sin Fronteras) a brindarasistencia médica en donde más se necesita.Hasta Enero 2019Insert event bannerConozca máshttp://bit.ly/chelpc-slides-es 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Califique el contenido de la Comunidad deCisco en Español¡Califique “Discusiones, Documentos y Videos!Ayúdenos a identificar el contenido de calidad y a reconocer el esfuerzo de losintegrantes de la Comunidad 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Reconocimientos en la ComunidadParticipante DestacadoReconocimiento mensualDiseñado para reconocer y agradecer aquienes colaboran en la comunidad:publicando contenido o participando en discusiones 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Gracias por su asistencia el día de hoyLa presentación incluirá algunas preguntas a la audiencia.Le invitamos cordialmente a participar activamente en las preguntas que leharemos durante la sesión 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential¡Resuelva su dudas y comparta opiniones!

Expertos de la Comunidad de CiscoLuis silvaIngeniero de Soporte TécnicoCCIE #36825 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2019Eduardo SalazarSr. Service Device Manager

¡Gracias por estarcon nosotroshoy día!http://bit.ly/cl-slides-dec2019 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

¡Haga sus preguntas al Panel de Expertos!Use el panel de preguntasy (P&R / Q&A) parapreguntar a los expertos.Sus preguntas serán respondidaseventualmente 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Cisco CommunityCommunity Live eventTroubleshooting UmbrellaLuis Silva, Ingeniero de Soporte Técnico, CISSP, CCIE #36825Eduardo Salazar, Sr. Service Delivery ManagerDiciembre 18, 2019

Agenda Introducción Pre-requisitos de instalación Estados del agente 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialEstrategias de diagnostico defallas

¿Ha utilizado la solución deseguridad de Cisco Umbrella?Polling question 1 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialA.SíB.No

¿Dónde encaja Umbrella?Network y endpointNGFWNetflowPrimera LíneaAVAVHQRouter/UTMAVAVBRANCH 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialTodo comienza con DNSPrecede la ejecución dearchivos y la conexión IPNetwork y endpointProxySandboxMalwareC2 CallbacksPhishingEndpointAVROAMINGUtilizado por todos losdispositivosCualquier Puerto

Porque el Roaming client 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Pre-Requisitos 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Pre-Requisitos (ERC) Sistemas Operativos Soportados Windows 10 con .NET 4.5 Windows 8 (incluye 8.1) (64-bit) con .NET 4.5 Windows 7 (64-bit/32-bit) con .NET 3.5. Mac OS X 10.11 o más reciente. Sistemas Operativos No Soportados Windows Server (Todas las Versiones) Windows RT (Actualmente no soporta procesadores ARM) Mac OS X 10.8 o anteriores.Más detalles en: /2-prerequisites-update 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Pre-Requisitos (AnyConnect) Windows 7 (or posterior) x86 (32-bit) and x64 (64-bit) El VPN Module requiere Visual Studio 2015 32-bit runtime. El Roaming Security Module requiere .NET framework (3.5como mínimo) Mac OS X 10.9 (o superior) Mínima versión: 4.3 MR1 Versión mínima recomendada: 4.3 MR4 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Pre-Requisitos – DNS 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Pre-Requisitos – Encripcion 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Pre-Requisitos – HTTP/HTTPS Registro InicialRevisión de disponibilidad de una versión actualizadaReporte de statusActualización de “internal domains” 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Estados del Agente 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Estados de Roaming ClientEstadoColor del íconoDescripciónReservedGrisRevision del estado de laconecxion.Redes no activas.OpenAmarilloNo se puede conectar con208.67.222.222 por 53/UDPProtectedAmarilloDNS64 detectado. Peticiones deDNS de IPv4 e IPv6 estanprotegidasTransparentNo dotURC es capaz de conectar con208.67.222.222 en puerto53/UDP, pero no 443/UDP 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Estados de Roaming ClientEstadoColor del ÍconoDescripciónEncryptedNo dot443/UDP.Protected NetworkNo dot“Deshabilitar detrás de redesprotegidas”Behind Virtual ApplianceNo dotSe detecto un VA en la redUnprotectedRojoAgente no protegiendo la red 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Estados de AnyConnectEstadoColor del ÍconoDescripciónReservedNaranjoRevision del estado de laconecxion.Redes no activas.OpenAmarilloNo se puede conectar con208.67.222.222 por 53/UDPProtectedVerdeSe puede conectar208.67.222.222 en Puerto53/UDP, pero no 443 UDPEncryptedVerdeSe puede conectar208.67.222.222 en Puerto443 UDP 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Estados de AnyConnectEstadoColor del ÍconoDescripciónProtected NetworkVerde“Deshabilitar detrás de redesprotegidas”Behind Virtual ApplianceVerdeSe encuentra un VA en la redVPN Trusted Network StateGrisRed protegidaDisabled due to VPN StateGrisVPN activo 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Estados de AnyConnectEstadoColor del ÍconoDescripciónNo OrgInfo.json StateRojoNo hay un perfilAgent Unavailable StateRojoServicio no activoMissing .NET DependencyState (Windows only)RojoMicrosoft 4.0 NET frameworkno instalado 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

¿En qué escenarios puedo hacer undespliegue del Roaming client enmis computadoras?Polling question 2A.B.C. 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialCuando necesito saber el usuariodel Directorio ActivoCuando tengo usuarios remotoso fuera de la redCuando necesito un VPNconectado a todo momento

Deteccion de Fallas 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Conectividad Básica Wired – Wireless IP Address Puerta de enlace (DG) ARP Ping DG Ping Internet 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Revisar JSON file AnyConnect Windows: %ProgramData%\Cisco\Cisco AnyConnect Secure MobilityClient\Umbrella\oMac: /opt/cisco/anyconnect/Umbrella/Nota: Debe crear la estructura de este folder por adelantadoRoaming Client C:\ProgramData\OpenDNS\ERC\ 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico Verificación del servicio https://welcome.umbrella.com/ 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico – Process (/bin/ps wwaux)/opt/cisco/anyconnect/bin/dnscrypt-proxy --user nobody --localaddress 127.0.0.1:53 -plugin /opt/cisco/anyconnect/lib/libdcplugin erc.so -d/Applications/Cisco/Cisco AnyConnect Secure MobilityClient.app/Contents/MacOS/Cisco AnyConnect Secure Mobility Client psn 0 139298/Applications/Cisco/Cisco AnyConnect Secure Mobility t -console 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico – Process (Windows) AnyConnect: acumbrellaagent.exe Standalone: ERCService.exe 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Folders Importantes (Roaming Client) Logs C:\ProgramData\OpenDNS\ERC\Open DNS ERC Service.log C:\ProgramData\OpenDNS\ERC\OpenDNS ERC UI.log Otros Archivos C:\Program Files (x86)\OpenDNS\OpenDNS Enterprise Roaming Client –The default install path. C:\ProgramData\OpenDNS\ERC\manifest.json – Indicates what version toupgrade to, if not matching. C:\ProgramData\OpenDNS\ERC\OrgInfo.json – Contains organizationId,fingerprint, and userId. 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Folders Importantes (Roaming Client) C:\ProgramData\OpenDNS\ERC\resolv.conf – Almacena IPs de los servidoresoriginales DNS para requisiciones proxying NXDOMAIN DNS (ejemplo: parabuscar recursos LAN).C:\ProgramData\OpenDNS\ERC\whitelist – Permite la Lista de Dominio(s)[desde Dominios internos (Roaming) en el dashboard]; whitelist.txt es removidosi los dominios no son colocados.C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OpenDNSRoaming Client – Comienza el shortcut link para es – La carpeta contiene losinstaladores de enDNSService MM DD YYYY.mdmp – Si ERC falla, un Dumps dir es creado para almacenar dump files. 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

AnyConnect Estadísticas 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

AnyConnect Estadísticas 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Diagnósticos (Diagnostics) Windows:%Program Files (x86)%\Cisco\Cisco AnyConnect Secure MobilityClient\UmbrellaDiagnostic.exe Mac OS / Descargar “Diagnostic cles/234692027-Umbrella-Diagnostic-Tool 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Diagnostics 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Diagnostics 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico – Mi IP addressWindows command: nslookup myip.opendns.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico - DigWindows command: nslookup internetbadguys.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico– Dig 208.67.222.222Windows command: nslookup internetbadguys.com 208.67.222.222 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Basico– Dig 4.2.2.1Windows command: nslookup internetbadguys.com 4.2.2.1 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Umbrella Block Page - Direcciones IPs 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico - TracerouteWindows command: tracert internetbadguys.com 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Troubleshooting Básico - TracerouteWindows command: tracert 208.67.222.222 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

¿Qué URL se utiliza para saber siestamos utilizando Umbrella en lared?Polling question 3 2019 Cisco and/or its affiliates. All rights reserved. Cisco la.comC.Signup.umbrela.comD.Ninguna de las anteriores

Troubleshooting Básico - Traceroute 2019 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialWindows command: tracert api.opendns.com